TDSSKiller Tool Used By Hackers To Disable EDR Software

The RansomHub ransomware group has utilized TDSSKiller, a legitimate tool developed by Kaspersky, to deactivate endpoint detection and response (EDR) services on targeted systems. Once these defenses were disabled, RansomHub proceeded to deploy the LaZagne credential-harvesting tool to extract login credentials from diverse application databases, facilitating lateral movement within the network. Read more...